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EXAMINER'S ANSWER 

This is in response to tlie appeal brief filed on June 26, 2006 appealing from the Office 
action mailed March 15, 2006. 

(1) Real Party in Interest 

A statement identifying by name the real party in interest is contained in the brief. 

(2) Related Appeals and Interferences 

The examiner is not aware of any related appeals, interferences, or judicial 
proceedings which will directly affect or be directly affected by or have a bearing on the 
Board's decision in the pending appeal. 

(3) Status of Claims 

The statement of the status of claims contained in the brief is correct. 

(4) Status of Amendments After Final 

The appellant's statement of the status of amendments after final rejection 
contained in the brief is correct. 

(5) Summary of Claimed Subject Matter 

The summary of claimed subject matter contained in the brief is correct. 
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(6) Grounds of Rejection to be Reviewed on Appeal 

The appellant's statement of the grounds of rejection to be reviewed on appeal is 
correct. 

(7) Claims Appendix 

The copy of the appealed claims contained in the Appendix to the brief is correct. 

(8) Evidence Relied Upon 

Fan US Patent No. 6219706 

Abadi US Patent No. 5315657 

(9) Grounds of Rejection 

The following ground(s) of rejection are applicable to the appealed claims: 
Claims 1-9 are rejected under 35 U.S.C. 103(a) as being unpatentable over Fan 
(US patent No. 6219706) in view of Abadi (US patent No. 5315657) 
Claim 1, 7 Regarding claim 1 , authentication means for authenticating the device on 
said global network is disclosed in column 4, lines 50-52 of Fan. Creating means for 
creating an access permission entry in response to an access request from the device 
authenticated by said authentication means, and adding said access permission entry to 
an access permission list is disclosed in column 3, lines 46-49. Control means which, 
upon receiving a data packet sent from the device on said global network, determines 



Application/Control Number: 10/045,320 Page 4 

Art Unit: 2616 

whether or not said data packet should be transferred to said local access permission 
entry network based on information extracted from the header of said data packet arid 
on the access permission entry contained in said access permission list is disclosed in 
column 3, lines 53-56. 

Fan does not specifically disclose the authentication is done in response to a 
service access request message. 

Abadi discloses in column 4, lines 61-67 a device that requests authentication on 
a network, and receives authentication (Col 13 lines 19-21) in response to the request 
(Col 4 lines 8-25 and Col 16 lines 35-56). It would have been obvious to one skilled in 
the art at the time of the invention to include authentication requests as disclosed by 
Abadi, within the access control system disclosed by Fan. The motivation would be to 
allow a user to initiate the process of seeking to authenticate themselves (see Abadi, 
column 4, lines 61-63). 

Claim 2, 8 Fan discloses said access permission entry creating means extracts 
access information from an access request packet transmitted from the authenticated 
device, thereby creating an access permission entry containing a source IP address, a 
destination IP address, a source port number, a destination port number and a last 
access permission time is disclosed in column 3, lines 46-49; column 1, lines 43-46; and 
column 12, lines 14-17 (last permission time). 

Claim 3, 9 Fan discloses said control means extracts a source IP address, a 
destination IP address, a source port number and a destination port number from the 
header of the data packet transmitted from the device on said global network, compares 
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these extracted items of information with the information about the access permission 
entry contained in said access permission list and transfers said data packet to said 
local network if the two pieces of information correspond in all of the source IP address, 
destination IP address, source port number and destination port number is disclosed in 
column 1, lines 43-46, and column 3, lines 12-13 and 53-56. 

Claim 4 Fan disclose said control means eliminates the access permission entry 
corresponding to a relevant access from said access permission list in accordance with 
an access termination notification from the device on said global network is disclosed in 
column 10, lines 13-22. 

Claim 5 Fan discloses said control means calculates the length of time which 
elapsed from the last access based on a last access permission time stored in the 
access permission entry which corresponds to the time at which the data packet was 
received from the device on said global network, and eliminates the access permission 
entry from said access permission list when the elapsed time exceeds a predetermined 
reference time is disclosed in figure 7 and column 12, lines 10-25. 
Claim 6 Fan discloses storage means for storing said access permission list is 
disclosed at column 3, lines 53-56. 

(10) Response to Argument 

The applicant argues that Abadi discloses a request for a resource occurring 
after the communication channel is already established. The applicant also argues that 
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the authentication request disclosed in Abadi does not include a request for service 
from the network as claimed by Examiner Davis in the Advisory Action. 

(a) In response to the applicant's arguments that Abadi discloses a request for a 
resource occurring after the communication channel is already established, the 
examiner makes reference to Col 13 lines 15-24, wherein Abadi discloses that once a 
user is authenticated, that user has access to local files/resources (services). Therefore 
the authentication request disclosed by Abadi (Col 4 lines 61-67) is equivalent to a 
request for local resources (services) as disclosed in Col 13 lines 18-24, where 
authentication allows acces to these resources. 

(b) In response to the applicant's arguments that the authentication request 
disclosed in Abadi does not disclose a request for service from the network, the 
examiner makes reference to comments (a) above, wherein authentication allows for 
local services. Furthermore, the examiner contends that it is common knowledge within 
the art that the purpose for authentication is to receive services. 

In Abadi, the user is authenticated before they can receive files (services or 
resources). To be authenticated, the user makes a request for resource access (Col 4, 
lines 7-1 1 ). It is clear that a service access request message is used in Abadi before the 
authentication and accessing files. 
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(11) Related Proceeding(s) Appendix 

No decision rendered by a court or the Board is identified by the examiner in the 
Related Appeals and Interferences section of this examiner's answer. 

For the above reasons, it is believed that the rejections should be sustained. 
Respectfully submitted, 
Christopher Grey 
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